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(i) REAL PARTY IN INTEREST 

The Assignee of all right, title and interest to the above-referenced Application 
Hewlett-Packard (Canada) Co., a Canadian corporation. 



(ii) RELATED APPEALS AND INTERFERENCES 

The present application is a continuation-in-part of U.S. Application Serial No. 
09/552,345 filed April 19, 2000, which is also on appeal before the Board. Appellants, 
Appellants' legal representative, and the Assignee of the present application are not aware of any 
other prior or pending appeals, interferences or judicial proceedings which may be related to, 
directly affect or have a bearing on the Board's decision in the pending appeal. 
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(iii) STATUS OF CLAIMS 

Claims 1-13 are pending in the Application. 

Claims rejected: 5-1 1 

Claims allowed: none 

Claims confirmed: none 

Claims withdrawn: 1-4, 12, and 13 

Claims obj ected to : none 

Claims canceled: none 
Appellants appeal the rejections of claims 5-11. These claim rejections were the only 
claim rejections present in the Office Action ("Action") dated September 28, 2005, which was 
final. 
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(iv) STATUS OF AMENDMENTS 

A final rejection was made September 28, 2005. No amendments to the claims 
requested to be admitted after the non-fmal rejection. 



(v) SUMMARY OF CLAIMED SUBJECT MATTER 

Concise explanations of exemplary forms of the claimed invention: 



With respect to independent claim 5 

An exemplary form of the invention is directed to a computer security service for a 
computer network accessible by users (70) (Figure 4) and comprising services and resources (74) 
(Page 13, lines 12-14). The computer security service comprises a policy builder component (86) 
available to one or more policy managers for defining access policies (84) for the computer 
network users, services and resources (Page 13, lines 14-16) (Figures 4 and 5). In addition, the 
computer security service comprises a web-based delegated administration component (140) 
(Figure 13) accessible to users for defining access policies for the computer network users (144), 
services and resources (142), the delegated administration component comprising a graphical 
user interface available to users for defining said access policies (Page 13, lines 16-21; page 40, 
line 23 to page 41, line 9). 
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GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 

The grounds to be reviewed in this appeal are: 

Whether Appellants' claims 5-11 are unpatentable under 35 U.S.C. § 102(b) over 
Schneider, et al., U.S. Patent No. 6,178,505 ("Schneider"). 



(vii) ARGUMENT 

Schneider Reference 

The Schneider reference is directed to access filters which are used to control access in 
intranets (Column 7, lines 48-50). 

The 35 U.S.C. § 102 (b) Rejections 

The Applicable Legal Standards 

Anticipation pursuant to 35 U.S. C. § 102 requires that a single prior art reference contain 
all the elements of the claimed invention arranged in the manner recited in the claim. Connell v. 
Sears, Roebuck & Co., 122 F.2d 1542, 1548, 220 USPQ 193, 198 (Fed. Cir. 1983). 

Anticipation under 35 U.S.C. § 102 requires, in a single prior art disclosure, each and 
every element of the claimed invention arranged in a manner such that the reference would 
literally infringe the claims at issue if made later in time. Lewmar Marine, Inc. v. Barient, Inc., 
827 F.2d 744, 747, 3 USPQ2d 1766, 1768 (Fed. Cir. 1987). 

Anticipation by inherency requires that the Patent Office establish that persons skilled in 
the art would recognize that the missing element is necessarily present in the reference. To 
establish inherency, the Office must prove through citation to prior art that the feature alleged to 
be inherent is "necessarily present" in a cited reference. Inherency may not be established based 
on probabilities or possibilities. It is plainly improper to reject a claim on the basis of 35 U.S.C. 
§ 102 based merely on the possibility that a particular prior art disclosure could or might be used 
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or operated in the manner recited in the claim. In re Robertson, 169 F.3d 743, 49 USPQ2d 1949 
(Fed. Cir. 1999). 

It is respectfully submitted that the Action from which this appeal is taken does not meet 
these burdens. 

Rejection under 35 U.S.C> 8 102(b) over Schneider 

Claims 5-11 were rejected under 35 U.S.C. § 102(b) as being anticipated by Schneider. 
This rejection is respectfully traversed. 

Claims 5 

Claim 5 is an independent claim. Appellants respectfully submit that Schneider does not 
disclose each feature and relationship recited in claim 5. 

For example, claim 5 recites a computer security service that comprises both "a policy 
builder component" and "a web-based delegated administration component". Schneider does not 
disclose or suggest a system which comprises both of these recited elements. Rather, Schneider 
shows non-web-based administrative user interface displays (901, 1001, 1 101, and 1201) 
(Figures 9-12) which display users, resources, pohcies, and access filters, respectively, over 
which a user of the respective display has administrative authority (Column 22, lines 57-65; 
Column 23, lines 36-44; Column 23, line 61 to Column 24, lines 3; and Column 24, lines 61-67). 
Nowhere does Schneider disclose or suggest that these described displays (901, 1001, 1 101, 
1201) are web-based. Further, nowhere does Schneider disclose or suggest that any of the 
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specific features and capabilities described as being perfomed by these displays could be carried 
out by a web-based component. 

The Action contends that the recited web-based delegated administration component is 
disclosed in Schneider at Column 25, lines 12-65. Appellants disagree. This portion of 
Schneider discusses the "User hiterface for Discovering Resources" represented by the displays 
1801, 2401 shown in Figures 18 and 24. This interface (termed an "IntraMap" interface) is used 
to show what resources are available to a user in a VPN. Although Schneider states that the 
interface is implemented by means of a Java applet that runs on any Java-equipped World Wide 
Web browser (Column 25, lines 23-24), nowhere does Schneider disclose or suggest that this 
interface is capable of carrying out the recited features of "defining access policies for the 
computer network users, services and resources". Therefore, this portion of Schneider cannot 
correspond to the recited "web-based delegated administration component" as contended in the 
Action. 

The Action further includes a Response to Arguments section (pages 2-4 of the Action) 
which contends that Schneider at Column 25, lines 12-65 teaches the "web-based" to set access 
pohcies accessible to users (Page 2, lines 1 1-13 of the Action). Appellants again disagree. 
Nowhere in Column 25, lines 12-65, or anywhere else in Schneider, is it disclosed or suggested 
that the alleged web-based displays 1801, 2401 shown in Figures 18 and 24 set access policies 
accessible to users. Rather, this portion of Schneider specifically states that the alleged web- 
based display "shows each user at least the resources that belong to the information sets that the 
user may access according to the access policies for the user sets the user belongs to" (Column 
25, lines 16-19). It is clear from this sentence that in the sentence segment "the user sets" the 
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word "set" is not a verb, but a noun which refers to the user access pohcy sets previously stored 
for the user. The word "set" in this sentence does not correspond to a verb and therefore does not 
disclose or suggest that a user is capable of using the described display to define access policies 
for users. 

The Action (at page 2, lines 14-17) further points out Column 25, lines 19-22, in which 
Schneider states that "hi other embodiments, the hitraMap may take the sensitivity level of the 
resource and the trust level of the user's identification into account as well. . ." The Action then 
contends that "This trust level is fiirther explained in the reference that the user may act as an 
administrator (see col. 31, lines 17-67)". 

Appellants disagree that this statement in Schneider provides any support for the rejection 
of claim 5. It appears the Action is reading this sentence out of context. The fiiU paragraph at 
Column 25, lines 12-22 reads as follows: 

The users of VPN 201 have an interface for seeing what resources are available to 
them in VPN 201 . The interface termed herein the IntraMap interface (LitraMap 
is a trademark of hitemet Dynamics, Incorporated) shows each user at least the 
resources that belong to the information sets that the user may access according to 
the access policies for the user sets the user belongs to. hi other embodiments, the 
IntraMap may take the sensitivity level of the resource and the trust level of the 
user's identification into account as well. 

It is clear from this paragraph, that in the described other embodiment, the described 
display shows each user the resources that belong to the information sets that the user 
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may access according to the "sensitivity level of the resource and the trust level of the 
user*s identification" as well as "the access policies for the user sets the user belongs to." 
Nowhere does this paragraph in Schneider disclose or suggest "defining access policies" 
with the described IntraMap display. 

In addition, Column 31, lines 17-67 referenced in the Action (at page 2, line 18), 
also does not support an argument that the above paragraphs at Column 25, lines 12-65 
show "defining access policies" with a web-based display. Rather, Column 31, lines 17- 
67 is directed to a description of the tables shown in Figure 16 that are used to store 
access pohcies, administrative pohcies, and policymaker policies (Column 31, lines 18- 
21) for the access control database (301). As discussed previously, only the non-web- 
based administrative displays (Figures 8-12) of Schneider are described as being capable 
of defining such policies in the access control database (301) (e.g. Column 24, lines 31- 
33). Nowhere does Schneider disclose or suggest a web-based display that defines access 
policies. 

As discussed previously, claim 5 recites both "a policy builder component" and "a 
web-based delegated administration component". At best, one of Schneider's non-web- 
based administrative displays (e.g. display 1101) could arguably correspond to the recited 
"a policy builder component available to one or more policy managers, for defining 
access policies for the computer network users, services and resources". However, 
nowhere does Schneider disclose or suggest an additional administrative display that is 
web-based. In addition, nowhere does Schneider disclose or suggest the alleged web- 
based IntraMap interface display (1801) is capable of defining access policies. Thus 
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nowhere does Schneider disclose or suggest the recited policy builder component and "a 
web-based delegated administration component accessible to users for defining access 
policies for the computer network users, services and resources, the delegated 
administration component comprising a graphical user interface available to users for 
defining said access policies". 

In addition, Appellants respectfiilly submit that it would not be inherent in 
Schneider to include "a web-based delegated administration component accessible to 
users for defining access policies*'. Anticipation by inherency requires that the Patent 
Office establish that persons skilled in the art would recognize that the missing element is 
necessarily present in the reference. To establish inherency the Office must prove 
through citation to prior art that the feature alleged to be inherent is "necessarily present" 
in a cited reference. Inherency may not be established based on probabilities or 
possibilities. It is plainly improper to reject a claim on the basis of 35 U.S.C. § 102 based 
merely on the possibility that a particular prior art disclosure could or might be used or 
operated in the manner recited in the claim. In re Robertson, 169 F.3d 743, 49 USPQ2d 
1949 (Fed. Cir. 1999). 

It is not necessary for Schneider to have the ability to define access policies in the 
alleged web-based InterMap interface display (1801) of Schneider. For example, 
Schneider specially teaches that the users must send an e-mail to an administrator when 
they wish to have access to a particular resource (Column 25, lines 51-54). Thus users can 
acquire access to a new recourse by e-mailing an administrator who presumably has 
access to one of the non-web-based administrative displays (901, 1001, 1101, 1201). 
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Thus it would not be inherent for the alleged web-based InterMap interface display (1801) 
to include the recited features of "a web-based delegated administration component". 

The present evidence of record does not teach or suggest the recited features. The 
rejection relies on conclusory statements, not evidence of record. The Action's mere 
assertions, which are unsupported by Schneider, do not constitute the required prior art 
evidence of record, and thus they lack substantial evidence support. The determination of 
patentability must be based on evidence of record. As the evidence of record does not 
support the rejection, the claims should be allowed. In re Zurko, 258 F.3d 1379, 59 
USPQ2d 1693 (Fed. Cir. 2001). In re Lee, 211 F.3d 1338, 61 USPQ2d 1430 (Fed. Cir. 
2002). 

Schneider does not explicitly or inherently teach the features and relationships 
recited in claim 5. For all of these many reasons, Schneider does not anticipate claim 5. 
Therefore, Appellants respectfully submit that the 35 U.S.C. § 102(b) rejection should be 
withdrawn. It follows that the rejections of claims 6-11 which depend from claim 5 
should also be withdrawn. 

Claim 6 

Claim 6 depends from claim 5 and recites that the delegated administration 
component is implemented as a service supported by the computer security service. 
The Action contends that these features are shown at Column 25, lines 12-18, of 
Schneider. Appellants disagree. 
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This portion of Schneider discusses an IntraMap interface which shows each user 
the resources that belong to the information sets that the user may access. As discussed 
previously, nowhere does this portion of Schneider or any other portion of Schneider 
disclose or suggest a web-based delegated administration component. Further, nowhere 
does this portion of Schneider or any other portion of Schneider disclose or suggest a 
web-based delegated administration component that is implemented as a service 
supported by the computer security service. 

As nothing in the applied art discloses or suggests these recited features and 
relationships, Appellants respectfully submit that the 35 U.S.C. § 102(b) rejection of 
claim 6 should be withdrawn. 

Claim 7 

Claim 7 depends from claim 5 and recites that the graphical user interface 
comprises one or more HTML format pages accessible to users. Nowhere does Schneider 
disclose or suggest "a web-based delegated administration component" comprised of a 
graphical user interface that is comprised of HTML format pages. Further, nowhere does 
Schneider disclose or suggest a graphical user interface comprised of HTML format 
pages which are available to users for defining said access policies. 

The Action contends that the features recited in claim 7 are found in Schneider at 
Column 25, lines 23-40, which states that "The hiterMap interface is implemented by 
means of a Java™ applet that runs on any Java-equipped World Wide Web browser." 
Appellants respectfully submit that a Java applet is not equivalent to the recited HTML 
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format pages. Therefore, Schneider does not disclose or suggest that its InterMap 
interface comprises HTML format pages. Further, even if it were possible for the 
InterMap interface to comprise HTML pages (which has not been established), the 
InterMap interface application does not permit "defining said access policies". Thus the 
Office has failed to show any prior art disclosure or suggestion of a graphical user 
interface for defining access policies which comprises HTML format pages. 

As nothing in the applied art discloses or suggests these recited features and 
relationships, Appellants respectfully submit that the 35 U.S.C. § 102(b) rejection of 
claim 7 should be withdrawn. 

Claim 8 

Claim 8 depends fi-om claim 5. The Action points to Column 31, line 17, to 
Column 32, line 8, of Schneider which discusses a description of the tables shown in 
Figure 16 that are used to store access policies, administrative poHcies, and policy maker 
poUcies (Column 31, lines 18-21) for the access control database (301). However, 
nowhere does this portion of Schneider disclose or suggest the recited "delegated 
administration definition component". The Action also contends that Colunrn 25, lines 
12-65; and Column 35, lines 19-47 show that users can be designated administrator and 
therefore have access to policy management via the network. However, again neither of 
these portions of Schneider discloses or suggests the recited "delegated administration 
definition component". 
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Also, the alleged teaching in Schneider that a user can be an administrator which 
accesses policy management via a network does not disclose or suggest the features 
recited in claim 8. Nowhere does Schneider disclose or suggest a delegated 
administration definition component which defines delegated administration 
permissions which selectively enable users to use a web-based delegated 
administration component to define access policies for specified resources and users. 

As nothing in the applied art discloses or suggests these recited features and 
relationships, Appellants respectfully submit that the 35 U.S.C. § 102(b) rejection of 
claim 8 should be withdrawn. 

Claim 9 

Claim 9 depends fi-om claim 8. As discussed previously, the Action has failed to 
show where Schneider discloses or suggest the recited "delegated administration 
definition component" which is capable of defining delegated administration permissions 
which selectively enable users to use a web-based delegated administration component to 
define access policies for specified resources and users. 

hi addition, nowhere does Schneider disclose or suggest any component which has 
the specific features recited in claim 9. For example, nowhere does Schneider disclose or 
suggest a graphical user interface for displaying a grid having nodes, laid out on a first 
axis defining users and a second axis defining resources, which nodes correspond to a 
variable set of users for which delegated administration permissions are granted, hi 
addition, nowhere does Schneider disclose or suggest that the position of each node 
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relative to the first and second axes in the grid defines the users and the resources, 
respectively, for which permissions are granted for the node. 

The Action contends that Schneider discloses these recited features at Column 31, 
lines 17-32. Appellants disagree. Column 31, lines 17-32 discusses the tables shown in 
Figure 16 that are used to store access policies, administrative policies, and policy maker 
policies (Column 31, lines 18-21) for the access control database (301). 
This portion of Schneider does not disclose or suggest a graphical user interface for 
displaying a grid. 

The Action also points out Column 35, lines 55-60 of Schneider. This portion of 
Schneider references the administrative graphical user interfaces which were described 
previously (e.g. displays 901, 1001, 1101, 1201 shown in Figure 9-12). Although such 
displays may be operative to make changes in the information stored in the access control 
database, Schneider does not disclose or suggest that these displays have the features 
recited in claim 9. For example, none of the windows 903, 909, 1003, 1005, 1 107, 1 103, 
1 105, 1203 shown in Figures 9-12 shows the recited grid laid out on a first axis 
defining users and a second axis defining resources. In addition none of these 
windows shown in Figures 9-12 shows the recite nodes which correspond to a variable 
set of users for which delegated administration permissions are granted, hi addition, 
none of these windows shown in Figures 9-12 shows that the position of each node 
relative to the first and second axes in the grid defines the users and the resources, 
respectively, for which permissions are granted for the node. 
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In addition, the rejection relies on unsupported statements, not evidence of record. 
For example, to support the rejection, the Action relies on statements such as "Note a 
GUI has two axes, the alignment of objects to an axis is well known in the art when 
designing computer programs to be displayed on a computer screen," and, "it is also well 
known in the art there are many different ways to represent information. Take for 
example your typical Excel spreadsheet, the program itself allows the user to decide 
which axis is x and which is y as well as when information to be displayed" (page 4, lines 
8-12 of the Action). These assertions in the Action are not based on any evidence in the 
record. An assertion of prior art knowledge not based on any evidence in the record lacks 
substantial evidence support. In re Zurko, supra. The determination of patentability must 
be based on evidence of record. In re Lee, supra. Appellants respectfully submit that 
because the rejection is based on mere assertions and not proper evidence of record, it is 
not a legally vaUd rejection 

In addition, following these unsupported statements, the Action states (page 4, 
lines 12-14) that "Therefore any argument applicant directs toward how information is 
displayed relative to axes is not persuasive". It appears by these statements that the 
Action does not regard the specifically recited features and relationships directed to the 
arrangement of nodes on the grid in the graphical user interface as having patentable 
weight. Appellants respectfully submit that the Office may not arbitrarily ignore 
specifically recited features and relationships in a claim which are capable of being used 
to distinguish the claim fi:'om the prior art. The positions of the nodes relative the axes as 
recited in the claim provide a functional relationship associated with defining the users 
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and the resources, respectively, for which permissions are granted for the node. The 
assertions in the Action regarding Microsoft Excel do not provide any prior art evidence 
that all of the specific features and relationships recited in claim 9 are disclosed or 
suggested in Schneider. 

As nothing in the applied art discloses or suggests the recited features and 
relationships in claim 9, Appellants respectfully submit that the 35 U.S.C. § 102(b) 
rejection of claim 9 should be withdrawn. 

Claim 10 

Claim 10 depends from claim 9. hi addition to not disclosing or suggesting a 
graphical user interface with the recited grid and nodes recited in claim 9, Schneider also 
does not disclose or suggest the recited features in claim 10 that the graphical user 
interface further comprises an array of nodes which define specified users enabled to 
modify user data maintained by the computer security service, where the array of nodes is 
relative to the second axis defining resources and where the position of each node in the 
array of nodes, relative to the first axis defining users, defines the user data for which the 
modification of data is enabled. 

The Action contends that Schneider discloses these recited features at Column 31, 
lines 17-32. Appellants disagree. As discussed previously, Column 31, lines 17-32 
discusses the tables shown in Figure 16 that are used to store access policies, 
administrative policies, and policy maker policies (Column 31, lines 18-21) for the access 
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control database (301). This portion of Schneider does not disclose or suggest a graphical 
user interface for displaying a grid. 

The Action also points out Column 35, lines 55-60 of Schneider. This portion of 
Schneider references the administrative graphical user interfaces which were described 
previously (e.g. displays 901, 1001, 1 101, 1201 shovm in Figure 9-12). Although such 
displays may be operative to make changes in the information stored in the access control 
database, Schneider does not disclose or suggest that these displays have the features 
recited in claim 10. For example, none of the windows 903, 909, 1003, 1005, 1 107, 
1 103, 1 105, 1203 shown in Figures 9-12 shows the recited array of nodes positioned 
relative a first axis defining users and a second axis defining resources. Further none of 
these windows shown in Figure 9-12 shows that the position of each node in the array of 
nodes, relative to the first axis, defines the user data for which the modification of data is 
enabled. 

In addition, the rejection relies on unsupported statements, not evidence of record. 
For example, to support the rejection, the Action relies on statements such as "Note a 
GUI has two axes, the alignment of objects to an axis is well known in the art when 
designing computer programs to be displayed on a computer screen," and "it is also well 
known in the art there are many different ways to represent information. Take for 
example your typical Excel spreadsheet, the program itself allows the user to decide 
which axis is x and which is y as well as when information to be displayed" (page 4, lines 
8-12 of the Action), These assertions in the Action are not based on any evidence in the 
record. An assertion of prior art knowledge not based on any evidence in the record lacks 

-21- 



substantial evidence support. In re Zurko, supra. The determination of patentability must 
be based on evidence of record. In re Lee, supra. Appellants respectfully submit that 
because the rejection is based on mere assertions and not proper evidence of record, it is 
not a legally valid rejection. 

In addition, following these unsupported statements, the Action states (page 4, 
lines 12-14) that "Therefore any argument applicant directs toward how information is 
displayed relative to axes is not persuasive". It appears by these statements that the 
Action does not regard the specifically recited features and relationships directed to the 
arrangement of nodes in the graphical user interface as having patentable weight. 
Appellants respectfully submit that the Office may not arbitrarily ignore specifically 
recited features and relationships in a claim which are capable of being used to 
distinguish the claim from the prior art. The positions of the nodes relative the axes as 
recited in the claim provide a functional relationship associated with defining specified 
users enabled to modify user data maintained by the computer security service. The 
assertions in the Action regarding Microsoft Excel do not provide any prior art evidence 
that all of the specific features and relationships recited in claim 10 are disclosed or 
suggested in Schneider. 

As nothing in the applied art discloses or suggests the recited features and 
relationships in claim 10, Appellants respectfully submit that the 35 U.S.C. § 102(b) 
rejection of claim 10 should be withdrawn. 
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Claim 11 

Claim 1 1 is a multiple dependent claim depending from claims 5, 6, 7, 8, 9, or 10. 
The Action has not shown where Schneider discloses or suggests a computer program 
product comprising a computer usable medium having computer readable program code 
means embodied in said medium for implementing the computer security service of claim 
5, 6, 7, 8, 9, or 10. As nothing in the appHed art discloses or suggests the recited features 
and relationships in claim 1 1, Appellants respectfully submit that the 35 U.S.C. § 102(b) 
rejection of claim 1 1 should be withdrawn. 

CONCLUSION 

Each of Appellants' pending claims specifically recites elements, features, 
relationships, and steps that are neither disclosed nor suggested in any of the applied prior 
art. Furthermore, the applied prior art is devoid of any teaching, suggestion, or 
motivation for producing the recited invention. For these reasons, it is respectfully 
submitted that all the pending claims are allowable. 

Respectfully submitted, 

Christopher L. Parmelee 
Reg. No. 42,980 
WALKER & JOCKE 
231 South Broadway 
Medina, Ohio 44256 
(330) 721-0000 
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(viii) CLAIMS APPENDIX 

5. A computer security service for a computer network accessible by users and 
comprising services and resources, the computer security service comprising, 

a policy builder component available to one or more policy managers, for defining 
access policies for the computer network users, services and resources, and 

a web-based delegated administration component accessible to users for defining 
access policies for the computer network users, services and resources, the 
delegated administration component comprising a graphical user interface 
available to users for defining said access policies. 

6. The computer security service of claim 5 in which the delegated administration 
component is implemented as a service supported by the computer security service. 

7. The computer security service of claim 5 in which the graphical user interface 
comprises one or more HTML format pages accessible to users. 

8. The computer security service of claim 5 fiirther comprising a delegated 
administration definition component for defining delegated administration permissions 
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for users whereby users are selectively enabled to use the delegated administration 
component to define access policies for specified resources and users. 

9. The computer security service of claim 8 in which the delegated administration 
definition component further comprises a graphical user interface for displaying a grid 
having nodes, laid out on a first axis and on a second axis, each node corresponding to a 
variable set of users, potentially including the null set, for which delegated administration 
permissions are granted, the position of each node relative to the first and second axes in 
the grid defining the users and the resources, respectively, for which permissions are 
granted for the node. 

10. The computer security service of claim 9, the graphical user interface further 
comprising an array of nodes relative to the second axis for defining specified users 
enabled to modify user data maintained by the computer security service, the position of 
each node in the array of nodes, relative to the first axis, defining the user data for which 
the modification of data is enabled. 

1 1 . A computer program product for users with a computer network, said computer 
program product comprising a computer usable medium having computer readable 
program code means embodied in said medium for implementing the computer security 
service of claim 5, 6, 7, 8, 9, or 10. 



A-2 



A *' » 



(ix) EVIDENCE APPENDIX 

(None) 
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(x) RELATED PROCEEDINGS APPENDIX 

No decisions have been rendered by a court or the Board with respect to U.S. 
appUcation serial no. 09/552,345 filed April 19, 2000. 
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